mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2025-06-10 10:01:13 +09:00
6539c72e7e
JavaScript module requests (in a non-worker context) always have CORS enabled. However, CORS requests are only allowed for same-origin or HTTP/S requests. This patch extends this to allow resource:// requests from opaque origins (e.g. about: URLs). We must also set the Access-Control-Allow-Origin header to "null" to ensure that the response is accepted by the CORS checks. This does not affect requesting resource:// URLs from resource:// URLs as those are same-origin and skip CORS checks. This ultimately enables requesting resource:// JS modules from the about:settings page. |
||
|---|---|---|
| .. | ||
| ContentFilter.cpp | ||
| ContentFilter.h | ||
| FileRequest.cpp | ||
| FileRequest.h | ||
| GeneratedPagesLoader.cpp | ||
| GeneratedPagesLoader.h | ||
| LoadRequest.cpp | ||
| LoadRequest.h | ||
| ProxyMappings.cpp | ||
| ProxyMappings.h | ||
| Resource.cpp | ||
| Resource.h | ||
| ResourceLoader.cpp | ||
| ResourceLoader.h | ||
| UserAgent.h | ||